In new release, OpenStack Wallaby reaches out to Kubernetes

OpenStack, the popular open-source private cloud, used to be an island unto itself, but moving forward it relies more and more on integration with cloud-native computing programs.

Cloud computing concept

Image: 3dreams/Shutterstock

Just over ten years ago, Amazon Elastic Cloud, Amazon Web Services ancestor, and Microsoft Azure were showing that there might be something to this idea of cloud computing. Developers at NASA Ames Research Center and Rackspace decided there was a better way to build clouds: to build one from open-source software. They called their joint Infrastructure-as-a-Service project OpenStack.

SEE: Research: Video conferencing tools and cloud-based solutions dominate digital workspaces; VPN and VDI less popular with SMBs (TechRepublic Premium)

While OpenStack doesn't get a lot of press, it remains the most important open-source private IaaS cloud. Its development has also continued at a rapid pace. According to Mark Collier, the CEO of the Open Infrastructure Foundation, "OpenStack continues to be one of the three most active open-source projects on the planet." Only the Linux kernel and the Chromium web browser are ahead of it. 

It also, behind the scenes, has over a billion users. Collier observed that OpenStack's very popular with telecom companies. And that in particular, China Mobile, the largest mobile company in the world, has a billion subscribers, all running over an OpenStack-powered network.

OpenStack's developers aren't resting on their laurels. They're continuing to work to improve the cloud. 

For example, in the Wallaby, they've migrated the Role-based access control policy formats from JSON to YAML. This will help to reduce OpenStack deployment policy management issues. It also brings OpenStack more in sync with Kubernetes, which uses YAML throughout its programs.

The programmers have also been migrating from the sudo-based oslo.rootwrap to oslo.privsep for a faster, more secure command-privilege model. In the past, sudo commands, as it does anytime you embed the construct into a program, trade ease of operability for possible security holes. This is a work in progress, but it's still a major step forward in making it easier to secure OpenStack deployments. 

SEE: AWS Lambda, a serverless computing framework: A cheat sheet (free PDF) (TechRepublic)

This release has also improved its backend block storage service Cinder. Ceph, the open-source distributed storage system, with its ability to be used for block, file and object storage has long been OpenStack developers' favorite storage backend. Now, OpenStack has built-in support for the open-source Ceph backend driver, Ceph iSCSI. Besides other new Cinder storage drivers, older drivers have added support for new features such as revert to snapshot and backend Quality of Service. 

What I believe is the most interesting feature, however, is how OpenStack is making friends with other open-source projects. For example, Kolla, which provides production-ready containers and deployment tools for OpenStack has now added support for Prometheus V2. Prometheus is an open-source monitoring system, which has become the Kubernetes monitoring tool of choice. 

Continuing with Kubernetes integration OpenStack's Magnum API service has updated its support for Kubernetes and containerd, a standard container runtime. This makes it possible to use Kubernetes available as first-class OpenStack resources. Specifically, Magnum uses Heat, an OpenStack orchestration program, to orchestrate an operating system image that contains Kubernetes and runs that image in either virtual machines or bare metal in a cluster configuration. 

The upshot of all these changes is OpenStack is more secure than ever, and its interoperability with cloud-native programs is continuing to increase. If you haven't been using OpenStack yet, this new release gives you additional reasons to give it a try. 

Also see